I've read the hacking chapter of the core book repeatedly, and while I think I understand how individual parts of the system work, I have trouble putting it all together.

Assume I'm walking down the street of a space station, see a passer-by, and decide to ruin their day. They are the most vanilla default citizen with a standard muse. I want to hack into their mesh inserts and access any slaved devices they have, copying any data they store, then flood the mesh inserts with AR illusions of nyan cats. What are the actions I undertake, what modifiers are applicable and what software do I need?

Things to consider, please correct me if any of these are wrong:

Mesh inserts should only have 2 users: the muse and the owner.

Both of them are likely hardwired into it.

Would encryption be used by default when operating mesh inserts? Encryption software is pre-installed into them (EP p.300)

Would software quality of mesh inserts provide a modifier to breaking through the Firewall? It is the most important personal item one could have, after all.

Now assume I want to similarly ruin the day of a hypercorp CEO. What's different?

2 Answers
2

To start with, typical Mesh Inserts are online through wireless connections whenever their user is awake, so in the conditions described, you have most likely met the preconditions for an intrusion attempt. Despite the fact that the most likely only legitimate users are local, to hack you only need a communications path, which you have. (Page 254)

It is extremely unlikely that the Mesh Insert is set up by default to allow for external entry through regular means, ruling out the possibility of circumventing authentication. Thus, it will require an intrusion test. You will need Exploit software for this. (Page 255)

You need to start with bypassing the firewall. This is a Task Action using the Infosec skill with a default timeframe of ten minutes, both time and modified for circumstance if the GM decides to. For the kind of access required to achieve your goals, you will likely need admin level access. This means you will take a -30 penalty on your Infosec Test. (Page 255)

After bypassing the firewall, you will need to defeat any active security. It can safely be assumed that the Mesh Insert's Muse is acting as active security at all times. A typical muse has an Infosec rating of 30. (Defeating) Active Security is a Variable Opposed Infosec Test. If neither of you succeed, you will both reroll on your next action phase, until either or both succeeds. If both succeed, you will be 'spotted', if only the security succeeds you will have been 'locked' and most likely immediately locked out of the Mesh Insert, free to retry but the muse will be alert and in all likelihood will have alerted the user. If only you succeed you will be covert (or hidden on an exceptional success.) (Page 256)

Locked, Spotted, Covert and Hidden statuses ultimately all allow you to continue your hacking for the time being, with differing penalties and advantages, and both sides can attempt to change your status and do other countermeasures. (See Page 256-257) Going into a detailed discussion of possible countermeasures is beyond the scope of this answer due to the likelihood the typical Muse will only seek to kick you out.

However, if you reach Spotted at least once, the Muse will put the system into Passive Alert, giving you a -10 penalty on all your hacking actions, alerting the owner and opening up Passive Countermeasures If you ever become Locked the Muse will put the system into Active Alert, giving you a -20 penalty on all your hacking actions, alerting the owner and opening up Active Countermeasures. (Countermeasures are covered Pages 257-258)

The typical Muse will be unlikely to do much more than attempt to move any Spotted intruders to the Locked status through Zeroing In on the them which only applies if you're Spotted. If you are Spotted you can attempt to become Covert by Upgrading Status Both of these are an Opposed Infosec Test and while Zeroing In only requires a regular success for the Muse to move you down to Locked, Upgrading your Status requires you to gain an Exceptional Success. (Page 257)

Assuming the Muse hasn't managed to get you to Locked status (whereupon they will attempt to Lockout with another opposed roll, to which you take a -20 penalty, see page 258) you can do whichever you like in there, with the caveat that any encrypted data cannot be decrypted without either access to a quantum computer or the proper keys, which might not be stored on the Mesh in a usable manner. You do not need to make additional hacking rolls to do any of the actions described unless the account you have created when breaking into the system lacks admin rights.(Page 259)

When it comes to the Mesh Insert of a Hypercorp CEO, the basic principles are similar. However, a Hypercorp CEO is unlikely to have off the shelf hardware or software, giving more than sufficient excuse to increase the time and difficulty of bypassing the firewall. Furthermore, the CEO's Muse will likely have a far higher Infosec skill and be more likely to make use of the wide variety of countermeasures available. The exact details are conjecture, but I would assume needing twice as much time and taking a -30 penalty for the firewall while dealing with an Infosec 70 Muse is reasonable for any Hypercorp CEO worth being called that. Furthermore, it's likely any encrypted data worth stealing will be encrypted through quantum cryptography, which even quantum computers cannot feasibly break.

So I can either take a -30 penalty while beating the firewall to gain admin rights, or make a couple of checks once connected as a user to do admin-type things, with corresponding penalties for the specific activity. Is that right?
–
MagicianFeb 3 '14 at 3:58

@Magician Yes. However, failing those roles will alert the system to unusual activity and if the system is in a state of alert you take the penalty to such attempts.
–
DraupadiFeb 3 '14 at 4:23

@BrianBallsun-Stanton None that I'm aware of. I may have missed it, however. I never used rules for that, and I mainly pulled out the book here to confirm my memory and grab page references.
–
DraupadiFeb 3 '14 at 4:25

@BrianBallsun-Stanton Draupadi had found the right place, but missed the other use - besides going from Spotted to Covert, you can use Upgrading Status to escalate privilege from Covert to Hidden. Hidden intruders have effectively rooted the system; they act with admin access rights but need not show up as an admin-level user.
–
TynamFeb 18 '14 at 18:50

If I read the question correctly, there is nothing that would be done differently than hacking any other node.

Intrusion Test>Bypass Security>Subversion (Page 259)

It's a -20 to your roll to inject AR illusions according to the chart on the same page. As for hacking a normal citizen vs a hypercorp there is no difference normally, but if the target has better equipment then this can make the task more difficult for you. Cheaper gear might make it easier. (Page 247 has rules for Mesh Gear Quality)